Abstract
PGNIDS (Pattern-Graph based Network Intrusion Detection System) generates audit data that can be used to estimate intrusions from packets collected from the network. An existing IDS (Intrusion Detection System), when it estimates an intrusion by reading all the incoming packets in the network, takes more time than the proposed PGNIDS does. The proposed PGNIDS not only classifies the audit data into alert and log through the ADGM (Audit Data Generation Module) and stores them in the database, but also estimates intrusions by using a pattern graph that classifies IDPM (Intrusion Detection Pattern Module) and event type. Therefore, it takes less time to collect and analyze packets than the existing IDS, and it reacts to abnormal intrusions in real time. In addition, by generating the pattern graph it can detect devious intrusions.
This work was supported by grant No. B1220-0501-0315 from the University fundamental Research Program of the Ministry of Information & Communication in Republic of Korea.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Lee, Bk., Yang, Sh., Kwon, DH., Kim, DY. (2006). PGNIDS(Pattern-Graph Based Network Intrusion Detection System) Design. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3982. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751595_5
DOI: https://doi.org/10.1007/11751595_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34075-1
Online ISBN: 978-3-540-34076-8
eBook Packages: Computer Science (R0)